|Location|Canary Wharf, London|Issue Date|30/01/2017|
|Working Pattern|Full Time|Salary|Competitive|
|Reports to|NSOC Manager|Department|NSOC|
Following our recent acquisition by a cyber security focused investment firm, there has never been a more exciting time to join us here at ITC Secure Networking! With this investment, our vision is to build a leading pure-play ITC Security Service Provider in EMEA, with an MSS offering at its core.
We are looking for talented individuals to join us on this journey and work with us to achieve our goals. If you are interested in joining a rapidly growing, dynamic, stimulating and fun company then look no further!
Job Purpose: As a member of a team of experienced L1, L2 and L3 Network and Information Security Engineers you will provide security analysis of customer security events, monitor, manage and support highly secure, complex customer environments with a focus on security event management, vulnerability management and next-generation intrusion prevention / firewalling for a portfolio of blue-chip and mid-market customers.
Customer Security teams / Infrastructure teams and / or Network teams, NSOC Manager, Service Managers, Head of Operations, ITC L1 – L3 engineers, Vendors.
The role requires the following technical skills and experience:
• Analysis of alerts arising from Security Event and Information Management tools, ideally based on HP ArcSight.
• Vulnerability Scanning and reporting ideally based on Qualys. Prioritising and tracking remediation of vulnerabilities.
• Implementation of next-generation Intrusion Prevention solutions based on Cisco Firepower, Checkpoint and / or Palo Alto technologies.
• Creating / modifying firewall configurations and policies for Cisco ASA, Checkpoint and / or Palo Alto technologies.
• Experience of using AlgoSec Firewall Analyser preferable, but not essential.
• Experience of packet-capture tools and analysis of packet flows.
• Experience of security assessment and penetration testing tools advantageous but not essential.
• Experience of network-based User Behaviour Analytics (DarkTrace, ArcSight User Behaviour Analytics etc.) advantageous but not essential.
• Knowledge of Threat Intelligence Services advantageous but not essential.
• Good understanding of Cisco-based network design and implementation (LAN and WAN) in mid-market and Blue-Chip organisations.
• Creating / modifying device configurations across Cisco security, switching and routing products.
• Experience with Bluecoat proxy servers and Juniper firewalls advantageous.
• Experience working with service providers and network management platforms (SolarWinds).
This role requires the following operational skills:
• Ability to provide relevant and timely information to customers based on analysis of events from a SIEM platform.
• Customer-facing, with good report-writing skills and strong communication skills at all levels.
• Ability to provide technical and service leadership to L1 and L2 engineers. Be a thought leader in the NSOC.
• Ability to consistently deliver to deadlines while prioritising competing demands for time, without sacrificing quality.
• Professional and hard-working, with the ability to pay attention to detail.
• Good understanding of ITIL processes, including Change Management, Incident Management and Problem Management.
• Willingness to share information, improve documentation, and train other engineers.
• Able to meet demands for occasional out-of-hours working and on-call escalation.
• Upper second-class honours 2(i) degree or equivalent experience in Computing, the sciences or maths (other subjects may be considered).
• COMPTIA Security+ or equivalent experience.
• GIAC Information Security Fundamentals or equivalent experience.
• ITIL Foundation certification.
• Cisco CCNP certification.
• Checkpoint CCSE certification.
• Palo Alto ACE certification.
· Excellent communication skills, both written and spoken English.
· Demonstrable competence and capability in a senior network security support role.
· Knowledge or experience in any of the following areas (ideally at a support level) would be an advantage:
o ArcSight
o CryptoCARD/RSA
o Checkpoint
o F5
o Cisco CCNA Security
o Forescout CounterACT
o Riverbed Steelhead
o SolarWinds
o ITIL foundation
• Experience of working in fast-paced, high pressure environments.
• Microsoft Office skills, including manipulation of data.
• Professional and positive at all times, self-motivated and self-sufficient.
• Successful customer-facing practices.
• Diligent, with great attention to detail.
• Ability to cope successfully under pressure and with shifting priorities.
• Excellent collaborator and Team player, able to work on own initiative.
• Assertive, adaptable and creative.
• “Can-do” attitude, willing to go the extra mile.
• Must have the right to work in the UK.
Travel: Occasional travel may be required depending on work undertaken.
Working hours: Normal working hours are 9am – 6pm, Monday – Friday from our Docklands office. Participation on an on-call escalation rota.
If you like what you hear so far, then please get in touch by contacting [email protected]. You should include outline details of your experience and what kind of role you are looking for. If you have a LinkedIn profile or a copy of your CV online, please include a link to this in your message.